[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] BadExit: Rerouting exit relays detected (1) 45.63.11.98

On 10/11/20 1:17 PM, nusenu wrote:
>> I am losing patience with the "let's play nice and let exit IP addresses
>> be predictable" model... We are not being treated well by the banhammer
>> brigade, and it might be time to flip some tables. I would not call
>> simply using a different exit IP than your relay's OR port a bad exit.
> 
> I'm not calling exit relays using distinct IPs or inbound (OR) and outbound
> connections "BadExits" either, quite the opposite, all exits should be using
> https://2019.www.torproject.org/docs/tor-manual.html.en#OutboundBindAddressExit
> if they have spare IPs.
> That is why I implemented and automated that configuration in relayor.

Ok that sounds reasonable. Thanks!

> I believe I can tell rerouting exits from exits having distinct IPs for
> inbound and outbound connections - in most cases.

Are your scanners available for others to run? I understand that it is a
risk that making them public may allow bad exits to avoid them, but is
it ok if other specific people use and adapt the scanners?

>> Remember that our directory authorities are deliberately independent
>> from TPI though, and even what I think is not necessarily what TPI
>> thinks. The dirauths may have different opinions. Coordinating policy of
>> this nature is difficult and requires consensus building.
> 
> Since dir auths have been removing these kinds of relays, I don't think there
> is any policy change necessary.

Ok great! Sometimes I am surprised by their decisions, and I didn't see
this one.


-- 
Mike Perry

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays